1. Field of the Invention
The present invention generally relates to electronic circuits and, more specifically, to data processing units implementing ciphering or deciphering algorithms. The present invention more specifically relates to mechanisms for verifying the integrity of a key manipulated by such algorithms.
2. Discussion of the Related Art
When a processing unit (typically a cryptoprocessor) is used to implement a ciphering algorithm, it should be verified that the manipulated key has not been modified (incidentally or intentionally), either during transfer to the cryptoprocessor from an external circuit, or after transfer while it is stored in a specific register of the cryptoprocessor.
To avoid a modification during the transfer, a solution is to recharge the key in the cryptoprocessor as often as possible, generally on each new ciphering, or periodically.
To check the integrity of the key once it is in the cryptoprocessor, the simplest would be to read this key to control it outside of the cryptoprocessor. However, to protect the key against possible hacking attempts, the temporary storage element (register) which contains the key is only accessible from outside of the cryptoprocessor in write mode. The integrity verification then comprises verifying the coherence of results obtained by two separate calculations using the key contained in the cryptoprocessor. The two calculations are either two cipherings of a same message with the key, or a ciphering followed by a deciphering.
However, if one of the bits of the key is modified in the key register and this register is not modified between the two calculations (be they successive or in parallel) or if it undergoes the same modification during both loadings, the verification mechanism is incapable of noticing it.